Anti-keylog editor

ABSTRACT

Various embodiments for protecting keyboard data inputted by a user in a computer having a keyboard hardware are disclosed. According to one exemplary embodiment, a method for protecting keyboard data, where the keyboard hardware comprises an I/O port having an input buffer and an output buffer, includes: receiving scan code data based on keyboard data inputted by the user, wherein the scan code data are latched in the output buffer of the I/O port; executing an interrupt routine to fetch the scan code data from the output buffer to a CPU of the computer, wherein the latched scan code data remains in the output buffer after the latched scan code data are read from the output buffer; transmitting a control command to the keyboard hardware through the input buffer of the I/O port; and receiving from the keyboard hardware a response signal generated in response to the control command, wherein the keyboard hardware is configured to transmit the response signal to the output buffer of the I/O port.

TECHNICAL FIELD

A security program has an ActiveX format for web browsers and application programs, and comprises a software security input window for preventing leakage of keyboard data without an additional hardware device but rather by using a conventional keyboard.

Therefore, the present invention protects keyboard data on the web browsers or application programs.

BACKGROUND OF THE INVENTION

(a) Field of the Invention

The present invention relates to an apparatus and a method for protecting keyboard data inputted by a user. More specifically, the present invention relates to an apparatus and a method for preventing leakage of the keyboard data using a security program.

(b) Description of the Related Art

Conventional techniques of keyboard data security on the Internet include a product “Kis” released by Safetek (www.esafetek.com) in January 2001, and keyboard data input means (or methods) such as a Java-based virtual keyboard other than a conventional keyboard system. However, since the former protects keyboard data on a hardware basis, it requires an additional device, and it is accordingly difficult to be applied to a general-purpose service such as the Internet, and the latter, that is, the security using the keyboard data input means other than conventional keyboard is not greatly used because of users' lack of skill and the inconvenience involved. Hence, even though it is urgently required to secure keyboard data comprising important personal information on the Internet, no general-purpose products have been provided to the market.

According to the present invention, the input data by conventional keyboard are securely processed.

SUMMARY OF THE INVENTION

It is an object of the present invention to prevent keyboard data leakages from hacking when a user inputs personal information, writes electronic mail, or produces a document on the Internet or a network system.

In order to perform keyboard data security, first, when a scan code, which is caused by user key input, is transmitted to a keyboard device driver from a keyboard hardware, leakage of the scan code remaining at the I/O port 60H must be prevented. However, since general application programs may not properly control the leakage because of their hardware properties and the Windows properties, a virtual device driver (VxD) accessible to Ring 0 is to be used to prevent the above-noted leakage.

Second, while the keyboard device driver converts the scan code into keyboard data and transmits the same to a system message queue, the converted keyboard data must be not leaked by external programs including API hooking and message hooking. However, since this process may not be protected through the Windows' default operating system (USER.EXE) as general methods, another keyboard entry method that does not use the Windows' default system should be supported.

Third, data leakage during the process of transmitting the keyboard data to a desired application program must be prevented. Hackers may hook or monitor the APIs or messages used by the application programs to leak the keyboard data. Therefore, a technique for securely transmitting the keyboard data to the application program is to be created.

In order to use the keyboard data on the web browser, first, it is needed for a security input window to be described using HTML documents supported by the web browser. Since the security input window does not follow the Window's default keyboard operating system, it is to be realized through a specific method to be in cooperation with the web browser.

Second, it is required to support low level tasks including communication with a virtual device driver VxD on the web browser, and controlling hardware because the security input window according to the present invention uses a security keyboard driver, and directly controls the hardware keyboard to realize the security input window.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate an embodiment of the invention, and, together with the description, serve to explain the principles of the invention:

FIG. 1 shows a whole configuration of a keyboard data security system according to a preferred embodiment of the present invention;

FIG. 2 shows a keyboard data flowchart of a security input window according to a preferred embodiment of the present invention;

FIG. 3 shows a data flowchart between a security keyboard driver and the ActiveX according to a preferred embodiment of the present invention;

FIG. 4 shows a web browser to which a security input window is applied according to a preferred embodiment of the present invention; and

FIG. 5 shows an exemplified HTML source to which a security input window is applied according to a preferred embodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

In the following detailed description, only the preferred embodiment of the invention has been shown and described, simply by way of illustration of the best mode contemplated by the inventor(s) of carrying out the invention. As will be realized, the invention is capable of modification in various obvious respects, all without departing from the invention. Accordingly, the drawings and description are to be regarded as illustrative in nature, and not restrictive.

The basic operation principle according to a preferred embodiment of the present invention on the web browsers is to not use a Microsoft Windows standard keyboard process, but rather to use a security keyboard driver and a security input window to securely transmit the keyboard data input by the user to a web browser. Also, the keyboard security of the present invention prevents the user's key input data from being stolen by a hacker. The user's key input data stored (more accurately, latched) in a buffer of the keyboard hardware are immediately modified. In the present invention, the keyboard hardware means a keyboard controller; however, it can be a device to include a data latch unit for temporally storing the user's key input data, which are usually stored as a scan code therein. In the computer system, the user's key input data are transferred to a CPU via the latch unit of an I/O port which is provided for the keyboard controller, such as a controller 8255, (hereinafter, referred to as “keyboard hardware”).

FIG. 1 shows a whole configuration of a keyboard data security system, applied to a web browser, according to a preferred embodiment of the present invention.

First, a conventional keyboard processing of Microsoft Windows will be described. Electrical signals generated from a keyboard are provided to a keyboard hardware 101 of the motherboard, they are represented in scan codes, and they are provided to a virtual keyboard driver (VKD) 102. The keyboard driver is used as a virtual driver in Windows 98; however, this may be another keyboard driver in other operating systems. The scan codes that are different from each other depending on the keyboard type are converted by the VKD 102 into a keyboard message used as the standard of the operating system. The keyboard messages stored in a system message queue 103 are transmitted to a virtual machine (VM) currently activated by USER.EXE which is a Ring 3 component of the operating system. The keyboard data stored in the VM are transmitted to a web browser 105 through a thread message queue 103 to perform a key input task. Finally, the keyboard data stored in the VM are transmitted to a web server 106 through the web browser 105.

However, the key input task of the security input window according to a preferred embodiment of the present invention is realized in such a manner that a security keyboard driver, differing from the above-noted conventional keyboard processing, is driven.

According to the principle of the key input security task in a security input window, electrical signals generated from keyboard are provided to the keyboard hardware 101 of the motherboard, they are represented in scan codes, and they are provided to a virtual keyboard driver (VKD) 102. After this, the virtual keyboard driver 102 calls VKD_Filter_Keyboard_Input that represents a hooking function (a user redefinition function) for user-defined key management. When a carry flag is set and returned from the hooking function called by the virtual keyboard driver 102, the virtual keyboard driver 102 ignores a keyboard message and aborts subsequent keyboard message processing. The hooking function in the security keyboard driver stores the keyboard data in its queue, sets a carry, and returns the carry. Therefore, the keyboard message is not transmitted to a system message queue, a thread message queue, and a web browser, thereby preventing leakage of the keyboard data through message hooking. In this instance, the hooking function is provided to and managed by a security keyboard driver.

The security keyboard driver redefines the VKD_Filter_Keyboard_Input to prevent message hooking. However, the scan code remains in the keyboard hardware of the motherboard after the above-noted task. Scan code trace data may not be erased through a general method because of properties of the keyboard hardware. Hence, the keyboard hardware is controlled so as to erase the scan code trace data remaining in the keyboard hardware.

As to the method for erasing the trace data, when the hooking function is executed, VKD_Filter_Keyboard_Input of the security keyboard driver is called and a general control command (keyboard enable signal [F4H]) is issued and output to the keyboard hardware through the port 60H. The control command, such as the keyboard enable signal [F4H], is a control signal that does not have an effect on the user's key input and the control signal can be selected from instructions to make meaningless data issued by the keyboard hardware, a CPU or other devices incorporated in the computer system. The keyboard data stored in the buffer are modified into the meaningless data under the control of the control command. Accordingly, since the key input data stored in the output buffer are modified immediately after the previously input data has been processed, the user's key input data are securely protected. Actually, since the key input data stored in the output buffer is not modified or erased directly, in the present invention, the modification is carried out by inputting again into the buffer the newly produced meaningless data regardless of the user's key input data. When receiving the control command from a CPU, the keyboard hardware is initialized itself with enabling the keyboard and outputs an acknowledgement (FAh) for the initialization to the CPU in response to the control command, and then erases the keyboard data stored in the output buffer of the port 60H. In this process, the keyboard data stored in the output buffer of the port 60H of the keyboard hardware are erased, the trace data of the port 60H are changed to another value FAh, and accordingly, the scan code trace data are erased. By using this process, keyboard data hacking using a keyboard port is prevented. As a result, the keyboard data remaining in the output buffer of the keyboard hardware, more particularly in an output buffer (port 60H) of the keyboard hardware, is modified into the acknowledgement (FAh) which is different from and regardless of the previously stored keyboard data.

For example, the keyboard hardware can modify the keyboard data stored in the buffer therein in response to the control command from a CPU, by alternating the keyboard data into other data and erasing them. Since the alternated data means specific data which can be the acknowledgement signal from the keyboard hardware, as set forth above, or specific data. In case of the specific data, they can come from the CPU together with the control command when the security keyboard driver is driven. Alternatively, the data to be modified can individually come from the CPU, the keyboard hardware, itself, or other devices if they are provided to the output buffer in the keyboard hardware in response to the control command Also, it is possible to use an echo signal, as a response signal to the control command, which is issued in the keyboard hardware itself after the keyboard data are outputted. As to the method for transmitting the keyboard data stored in the keyboard data queue of the security keyboard driver to the security input window 110 having the ActiveX format, states of the queue of the security keyboard driver are periodically monitored by the security input window to receive the stored keyboard data. When receiving the keyboard data, the security input window converts the keyboard data of a scan code format into characters to store them, and displays them to a screen for the user to check input states.

When the user inputs data in the security input window, and presses one of a transmit button and a check button to go to a next task, the web browser 112 refers to data properties 111 of the security input window through scripts to proceed to perform tasks assigned by the scripts.

FIG. 2 shows a flowchart for interface and management between a virtual keyboard driver and a security keyboard driver. When a user presses a keyboard button, the keyboard hardware receives keyboard data from the keyboard to generate a keyboard interrupt and call a virtual keyboard driver in step S201. The called virtual keyboard driver reads a value of the port 60H storing the keyboard data, stores it in a predetermined register, and calls a hooking function S210 of VKD_Filter_Keyboard_Input. The hooking function S210 representing a function that the security keyboard driver has, determines whether the security keyboard driver is activated or not S204, and the hooking function S210 is terminated when the security keyboard driver is not activated. It also erases the keyboard data traces of the keyboard port 60H using the above-noted method S205 when the security keyboard driver is activated and stores the keyboard data in its queue S206. It then assigns a carry flag S207 so that the virtual keyboard driver may not use the keyboard data, and it is terminated.

When calling the hooking function, the virtual keyboard driver checks the carry flag to perform the existing virtual keyboard driver job or ignore the input keyboard data S208 and S209.

FIG. 3 shows a flowchart for processing keyboard data through interface between a security input window and a security keyboard driver. The security input window uses a timer to periodically communicate (function DeviceloControl) with the security keyboard driver in step S301 to receive security keyboard data in step S303. After receiving the security keyboard data based on the determination S302, the security input window displays or stores the security keyboard data S304.

FIG. 4 shows an exemplified web browser 405 to which a security input window 404 is applied, referring to HTML codes of FIG. 5. Referring to FIG. 4, when a user uses a keyboard 401 to input a web address in the security input window 404 of the browser 405 through the security driver 403 or the virtual keyboard driver 402, and presses a button 406, the user is linked to the corresponding web page.

FIG. 5 shows the security input window 501 represented in HTML code format and process of the keyboard data input to the security input window in the HTML format.

The description of the security input window in the HTML format is performed according to the ActiveX format, and the data reference of the security input window follows the ActiveX property format.

The security input window as shown in the subsequent example 502 is expressed as the OBJECT in the HTML codes.

<OBJECT  classid=“clsid:C1BF8F0F-05BA-497C-AEDA-F377E0867B3C”  name=“akl1”  codebase=“http://localhost/AKLEditXControl.cab#version=1,0,89,9”  width=350  height=23  align=center  hspace=0  vspace=0 > <param name=“Value” value=“www.yahoo.com”> <param name=“Border” value=“2”> <param name=“BorderLeftcolor” value=“0”> <param name=“BorderRightcolor” value=“0”> <param name=“BorderTopcolor” value=“0”> <param name=“BorderBottomcolor” value=“0”> <param name=“BorderStyle” value=“1”> <param name=“Font” value=“MS Sans Serif”> <param name=“Size” value=“56”> </OBJECT> (Reference document: http://msdn.microsoft.com/workshop/author/dhtml/reference/objects/OBJECT.asp)

The next exemplar 501 describes a method for referring to the keyboard data input to the security input window in the HTML codes.

 <script language=“javascript”>   function geturl( ) {   var ak = http:// + akl1.value;   window.open(ak)    } </script>

In the above codes, ak11.value is called to refer to the data of the security input window.

1. The preferred embodiment of the present invention protects the keyboard data input by a user on the Internet to increase reliability of Internet-related industries and activate the industries.

Internet tasks including Internet banking, Internet games, web mail, web contents, and security document composition basically require a user to use a keyboard. Leaked keyboard data may cause great confusion and damage to the Internet tasks of companies.

Therefore, the use of the security key input window prevents leakages of the keyboard data to improve reliability of Internet business and to activate the Internet business, and it will reduce direct loss and damage caused by the leakage of the keyboard data.

2. The preferred embodiment does not handle malicious programs in the like manner of vaccine programs, but it copes with hacking, and hence, the preferred embodiment protects the user's keyboard data against new programs and undetected hacking programs.

3. Hackers may not steal the keyboard data using existing hacking tools if they have no new hacking techniques, which reduces the hackers' fields of action.

4. The preferred embodiment provides a software security system, and it recovers the security level through an immediate improvement when the security level of the system is lowered, thereby increasing the reliability of keyboard data security and obtaining Internet business related reliability.

While this invention has been described in connection with what is presently considered to be the most practical and preferred embodiment, it is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.

The word ‘comprising’ and forms of the word ‘comprising’ as used in this descripting and in the claims does not limit the invention claimed to exclude any variants or additions. 

What is claimed is:
 1. A method of protecting keyboard data inputted by a user in a computer having a keyboard hardware, the keyboard hardware comprising an I/O port having an input buffer and an output buffer, the method comprising: receiving scan code data based on keyboard data inputted by the user, wherein the scan code data are latched in the output buffer of the I/O port; executing an interrupt routine to fetch the scan code data from the output buffer to a CPU of the computer, wherein the latched scan code data remains in the output buffer after the latched scan code data are read from the output buffer; transmitting a control command to the keyboard hardware through the input buffer of the I/O port; and receiving from the keyboard hardware a response signal generated in response to the control command, wherein the keyboard hardware is configured to transmit the response signal to the output buffer of the I/O port, wherein the response signal replaces the scan code data remaining in the output buffer of the I/O port.
 2. The method of claim 1, wherein the control command comprises an enable command for enabling a keyboard.
 3. The method of claim 2, wherein the response signal comprises an acknowledgement signal for acknowledging receipt of the enable command
 4. The method of claim 1, further comprising: calling a hooking function for preventing the scan code data from transmitting to a system message queue or a thread message queue of the computer; and transmitting the scan code data stored in the security keyboard driver to an input program to be secured.
 5. The method of claim 1, wherein executing the interrupt routine is performed by a virtual keyboard driver, and transmitting the control command to the keyboard hardware is performed by a security keyboard driver.
 6. The method of claim 1, wherein transmitting the control command to the keyboard hardware does not affect input operation of the keyboard hardware.
 7. A computer system comprising a non-transitory computer useable medium having a security program embodied therein for protecting keyboard data inputted by a user, the security program comprising: a keyboard driver configured to fetch scan code data stored in an I/O port of a keyboard hardware to a CPU when an interrupt routine is initiated; and a security keyboard driver configured to send a control command to the keyboard hardware after the keyboard driver fetches the scan code data from the I/O port, the control command being configured to cause the keyboard hardware to generate a response signal, wherein the response signal replaces the scan code data stored in the I/O port.
 8. The computer system of claim 7, wherein the control command comprises an enable command for enabling a keyboard.
 9. The computer system of claim 8, wherein the response signal from the keyboard comprises an acknowledgement signal for acknowledging receipt of the enable command.
 10. The computer system of claim 7, wherein the I/O port comprises an input buffer and an output buffer, wherein the scan code data are stored in the output buffer, and wherein the control command is sent to the input buffer.
 11. The computer system of claim 7, wherein the security keyboard driver is configured to perform a hooking function for preventing the scan code data from transmitting to a system message queue or a thread message queue.
 12. The computer system of claim 7, wherein the control command does not affect input operation of the keyboard hardware when the control command is sent to the keyboard hardware.
 13. A non-transitory computer readable medium in a computer having a processor that stores instructions for executing a method for protecting keyboard data in the computer, the method comprising: receiving scan code data based on keyboard data inputted by a user, wherein the scan code data are latched in an I/O port of a keyboard hardware; executing an input routine through a virtual keyboard driver to read the scan code data from the I/O port, wherein the scan code data remains in the I/O port after the scan code data are read from the I/O port; transmitting, through a security keyboard driver, a control command to the keyboard hardware; and receiving from the keyboard hardware a response signal that replaces the latched scan code data in the I/O port, the response signal being generated in response to the control command.
 14. The medium of claim 13, wherein the control command comprises an enable command for enabling a keyboard.
 15. The medium of claim 14, wherein the response signal comprises an acknowledgement signal for acknowledging receipt of the enable command.
 16. The medium of claim 13, wherein the I/O port comprises an input buffer and an output buffer, wherein the scan code data are latched in the output buffer and the control command is transmitted to the input buffer.
 17. The medium of claim 13, wherein the method further comprises: calling a hooking function for preventing the scan code data from transmitting to a system message queue or a thread message queue of the computer; and transmitting the scan code data stored in the security keyboard driver to an input program to be secured. 